Take 1 Security Podcast: Episode 19
Unsupervised Learning16 Nov 2015

Take 1 Security Podcast: Episode 19



Topics for this episode:

News and analysis


* [ ] A couple of months into my job with IOActive
* [ ] Paris Attacks: resilience vs. prevention
* [ ] Updating the OWASP IoT Project (no longer the Top 10) It’s an umbrella project.
* [ ] Adding to the IoT project the SCADA Top 10 List (read the list), and Nabil Ouchn is going to be project leader on that project
* [ ] Pentagon farms coding to Russia
* [ ] Crypto email service pays ransom, gets taken out anyway
* [ ] Blackout Europe shows vulnerabilities in LTE. Forced leak of location within 2-KM radius. Were also able to block LTE and force 3G or 2G.
* [ ] Onapsis talks SAP HANA vulnerabilities. They’re config issues, and aren’t patchable, and include: remote file writes, remote directory deletions, moving files to where they can be access remotely, remote command execution, and remote python execution. To fix, you have to upgrade to the latest version and reconfigure your system. Also two issues with the database that allow HTTP RCE and SQL RCE.
* [ ] TPP : how did we even get an agreement that was secret in the first place. Forget the details. This should never be allowed to happen again
* [ ] Linux ransomware now hitting websites (broken by Brian Krebs)
* [ ] Linux.Encoder.1 has a predictable key for its ransomware, and a tool was released to decrypt victims’ systems. Good to know that even attackers make dumb encryption implementation mistakes.
* [ ] Visio smart tracking turned on for 10 million users. Here was the pitch “revolutionary shift across all screens that brings measurability, relevancy and personalization to the consumer like never before!”
* [ ] Ring-0 theory of devops: history of the o-ring. Small thing that everything else depends on. for serial tasks you need A players to have an A process. As you lower the whole thing tumbles down
* [ ] The Chinese Great Cannon: so we know about the Great Firewall, now learn about the Great Cannon
* [ ] Must read article: What ISIS Really Wants, by the Atlantic
* [ ] Two must follows: Gunnar Peterson, and Benedict Evans. Gunnar is brilliant in security, and Benedict works for Adresesen Horowitz


Updates and announcements


* Hit me up at IOActive if you have any security consulting needs.


Notes


* The intro track is from one of my favorite EDM artists: Zomby. The song is ‘Orion’, and it’s from the ‘With Love’ album. Highly recommended if you like chill EDM.
* It’s better to listen via iTunes or with the player embedded above, but you can also download the sound file directly.

Become a Member: https://danielmiessler.com/upgrade

See omnystudio.com/listener for privacy information.

Avsnitt(532)

News & Analysis | NO. 321

News & Analysis | NO. 321

The latest in Security News, Technology News, Human News, Ideas Trends & Analysis, Discovery, Recommendations, and the Weekly Aphorism… Web Version: https://danielmiessler.com/podcast/news-analysis-no-321/Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

9 Mars 202214min

Sponsored Conversation: Ev Kontsevoy from Teleport

Sponsored Conversation: Ev Kontsevoy from Teleport

In this sponsored conversation, I talk with Ev Kontsevoy of Teleport. In this series I have organic conversations with entrepreneurs as if having lunch with them and hearing about the product for the first time. They give their pitch, and I dig deeper with questions. Teleport, in my own words, is a way of rethinking how people access and use computing resources. It's a policy-based system that controls who can do what across your entire infrastructure using a central access plane. Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

7 Mars 202240min

Andrew Ringlein's 5 Crypto Accelerators in Gaming and Business

Andrew Ringlein's 5 Crypto Accelerators in Gaming and Business

This standalone episode is a conversation with my friend Andrew Ringlein on the topic of how crypto is best thought of as a set of accelerators for business, with gaming being the initial flagship. We talk about Andrew's 5 principles that accelerate gaming companies adopting crypto first, and then look at how those same concepts will soon be adopted by all types of businesses. We also discuss legitimate doubts around crypto in general, and discuss why we think the concepts are more durable (and inevitable) than the technology.Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

6 Mars 20221h 5min

News & Analysis | NO. 320

News & Analysis | NO. 320

The latest in Security News, Technology News, Human News, Ideas Trends & Analysis, Discovery, Recommendations, and the Weekly Aphorism… Web Version: https://danielmiessler.com/podcast/news-analysis-no-320/Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

28 Feb 202218min

News & Analysis | NO. 319

News & Analysis | NO. 319

The latest in Security News, Technology News, Human News, Ideas Trends & Analysis, Discovery, Recommendations, and the Weekly Aphorism… Web Version: https://danielmiessler.com/podcast/news-analysis-no-319/Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

22 Feb 20228min

News & Analysis | NO. 318

News & Analysis | NO. 318

The latest in Security News, Technology News, Human News, Ideas Trends & Analysis, Discovery, Recommendations, and the Weekly Aphorism… Web Version: https://danielmiessler.com/podcast/news-analysis-no-318/Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

14 Feb 202211min

News & Analysis | NO. 317

News & Analysis | NO. 317

The latest in Security News, Technology News, Human News, Ideas Trends & Analysis, Discovery, Recommendations, and the Weekly Aphorism… Web Version: https://danielmiessler.com/podcast/news-analysis-no-317/Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

7 Feb 202214min

News & Analysis | NO. 316

News & Analysis | NO. 316

The latest in Security News, Technology News, Human News, Ideas Trends & Analysis, Discovery, Recommendations, and the Weekly Aphorism… Web Version: https://danielmiessler.com/podcast/news-analysis-no-316/Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

31 Jan 202212min

Populärt inom Teknik

uppgang-och-fall
rss-racevecka
elbilsveckan
rss-badfluence
bilar-med-sladd
bosse-bildoktorn-och-hasse-p
market-makers
skogsforum-podcast
rss-veckans-ai
natets-morka-sida
rss-technokratin
rss-laddstationen-med-elbilen-i-sverige
hej-bruksbil
garagehang
mediepodden
solcellskollens-podcast
rss-uppgang-och-fall
rss-snacka-om-ai
developers-mer-an-bara-kod
ai-sweden-podcast